Release 2.9.0

This release was insanaly complicated plagued with issues and therefore it was delayed %100 (we had planned 15 days, it took nearly a month). really bad, hopefully next one goes a little bit better.

We will release the package next monday

one more of data type (gdpr) (2416)
app and db version check against stat table not necessary (2411)
Bulk field option should not stay Leave unchanged if some interaction happened (2410)
create compliance package and upload items over APIs (2402)
renam edit string for something more meaningful (reviews audits etc) (2397)
System Health should check writable permissions recursively in tmp/ (2388)
language selector improvements (2365)
Phrase “The controlis in design…” added automatically when creating control (2342)
Ad-hoc audits and maintenances force you to a result (2319)
policy review “add-hoc” does not load content tab with previous review (2311)

Account Review Feed disabled type of feed (2422)
internal control csv import typ0 (2419)
Bug - Choosing LDAP group connector throws error (2415)
Bug - LDAP sync points to asset types (2414)
Bug - Custom field not included in report (2413)
VendorAssessment portal_url macro fix (2409)
Older attachments are not visible in widget list (2408)
News cron - include more information (2417)
Toolbar menu items wrongly positioned on non-english languages (2401)
next review modal re-arranged to improve UX (2398)
Custom Translations may break some UX parts (2396)
MissingDatabaseException with more information (2391)
Bug - Comments and attachments not reloaded after check (2372)
Bug - Awareness program emails not taking text formating into account (2368)
Issue with Backup SQL functionality (2360)

Release 2.10.0 is planned for the first week of December and will bring fully customised forms names (name and description), dynamic status and the first version of our GRC library. The goal is to get closer to workflows.


Here is the report from acunetix (automatic pen-testing site) for this release:
20191126_Executive_Summary_acunetix_cloud_eramba_org.pdf (84.6 KB)

We couldn’t import the ovf/vmdk to a Xen installation.

We have tried through several methods:

  1. Direct import
  2. Using VMware’s ovftool

The ovf file seems to terminate with a number. If we erase that number and try to use the tool again to process the file we got another error:

ovftool.exe eramba_enterprise_latest.ovf
Error: Failed to read from file: eramba_enterprise_vm_latest-disk1.vmdk

Plus, we have done 2 attempts to download the files: one with Firefox and the other with Chromium.

Does anybody have the same issue?


  • In order to check if there was any corruption of the files, could you please publish the md5 of both files (ovf/vmdk).

I wrote you an email with information. Hope it helps.